Deep packet inspection (DPI) is a type of packet filtering performed at the application layer, which takes into account packet payload data to determine the permissibility of a through-passing packet. DPI can utilize a variety of techniques such as, for example, standards compliance, protocol anomaly detection, malicious data detection, application control, signature matching, and behavior-based inspection along with traditional packet inspection techniques (i.e., source/destination Internet Protocol (IP) addresses and ports), to identify and classify data packets in order to obtain end-to-end visibility of the packet traffic traversing a network. Armed with this information operators can implement policies (e.g., quality of service (QoS) policies) to ensure subscribers are provided the level of service to which they are entitled. Accordingly, actions can be taken to properly enforce these policies. Actions can include, for example, allowing, blocking, destroying, rate limiting, and flagging a suspect packet or packet stream.
Traditionally, DPI is deployed in IP data networks for security and network operation purposes. For wireless networks, in addition to what traditional functionalities DPI provides, operators need to have the abilities to manage data services to avoid abuse of network resources. This need requires the ability to detect, analyze, and shape data traffic, and accordingly enforce policies for QoS and/or operator-dependent purposes. Due to the development of newer wireless communications equipment and the development of more sophisticated processing techniques, users can enjoy higher bandwidth connections to wireless networks via their wireless operator. More recently, with the advent of high-speed data access protocols such as Evolution-Data Optimized (EV-DO), High-Speed Downlink Packet Access (HSDPA), High-Speed Uplink Packet Access (HSUPA), and High-Speed Orthogonal Frequency-Division Multiplexing (OFDM) Packet Access (HSOPA), users have gained the ability to transfer large amounts of data, such as to implement file sharing, download movies, and/or download music files. The accessibility and widespread use of mobile devices (e.g., mobile telephones, personal digital assistants (PDAs), smart devices, and laptop computers) increases the vulnerability of the wireless network to bandwidth abuse, security, and legal issues associated with the use (misuse) of the network.
Current DPI architectures for wireless networks incorporate policy management systems for provisioning and managing static policies. These systems provide no means for dynamically updating or creating new policies based upon analysis provided during DPI processes. In addition, these architectures are inflexible with regard to phased development and typically burden the policy enforcement point with the responsibilities of constantly monitoring traffic for enforcement conditions.
These and other deficiencies in the state of the art of DPI are addressed and overcome by the various exemplary embodiments provided herein.